translate.c

/*
 *  SH4 translation
 *
 *  Copyright (c) 2005 Samuel Tardieu
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 */
#include <stdarg.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <inttypes.h>

#define DEBUG_DISAS
#define SH4_DEBUG_DISAS
//#define SH4_SINGLE_STEP

#include "cpu.h"
#include "exec-all.h"
#include "disas.h"
#include "tcg-op.h"
#include "qemu-common.h"

#include "helper.h"
#define GEN_HELPER 1
#include "helper.h"

typedef struct DisasContext {
    struct TranslationBlock *tb;
    target_ulong pc;
    uint32_t sr;
    uint32_t fpscr;
    uint16_t opcode;
    uint32_t flags;
    int bstate;
    int memidx;
    uint32_t delayed_pc;
    int singlestep_enabled;
    uint32_t features;
    int has_movcal;
} DisasContext;

#if defined(CONFIG_USER_ONLY)
#define IS_USER(ctx) 1
#else
#define IS_USER(ctx) (!(ctx->sr & SR_MD))
#endif

enum {
    BS_NONE     = 0, /* We go out of the TB without reaching a branch or an
                      * exception condition
                      */
    BS_STOP     = 1, /* We want to stop translation for any reason */
    BS_BRANCH   = 2, /* We reached a branch condition     */
    BS_EXCP     = 3, /* We reached an exception condition */
};

/* global register indexes */
static TCGv_ptr cpu_env;
static TCGv cpu_gregs[24];
static TCGv cpu_pc, cpu_sr, cpu_ssr, cpu_spc, cpu_gbr;
static TCGv cpu_vbr, cpu_sgr, cpu_dbr, cpu_mach, cpu_macl;
static TCGv cpu_pr, cpu_fpscr, cpu_fpul, cpu_ldst;
static TCGv cpu_fregs[32];

/* internal register indexes */
static TCGv cpu_flags, cpu_delayed_pc;

static uint32_t gen_opc_hflags[OPC_BUF_SIZE];

#include "gen-icount.h"

static void sh4_translate_init(void)
{
    int i;
    static int done_init = 0;
    static const char * const gregnames[24] = {
        "R0_BANK0", "R1_BANK0", "R2_BANK0", "R3_BANK0",
        "R4_BANK0", "R5_BANK0", "R6_BANK0", "R7_BANK0",
        "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15",
        "R0_BANK1", "R1_BANK1", "R2_BANK1", "R3_BANK1",
        "R4_BANK1", "R5_BANK1", "R6_BANK1", "R7_BANK1"
    };
    static const char * const fregnames[32] = {
         "FPR0_BANK0",  "FPR1_BANK0",  "FPR2_BANK0",  "FPR3_BANK0",
         "FPR4_BANK0",  "FPR5_BANK0",  "FPR6_BANK0",  "FPR7_BANK0",
         "FPR8_BANK0",  "FPR9_BANK0", "FPR10_BANK0", "FPR11_BANK0",
        "FPR12_BANK0", "FPR13_BANK0", "FPR14_BANK0", "FPR15_BANK0",
         "FPR0_BANK1",  "FPR1_BANK1",  "FPR2_BANK1",  "FPR3_BANK1",
         "FPR4_BANK1",  "FPR5_BANK1",  "FPR6_BANK1",  "FPR7_BANK1",
         "FPR8_BANK1",  "FPR9_BANK1", "FPR10_BANK1", "FPR11_BANK1",
        "FPR12_BANK1", "FPR13_BANK1", "FPR14_BANK1", "FPR15_BANK1",
    };

    if (done_init)
        return;

    cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");

    for (i = 0; i < 24; i++)
        cpu_gregs[i] = tcg_global_mem_new_i32(TCG_AREG0,
                                              offsetof(CPUState, gregs[i]),
                                              gregnames[i]);

    cpu_pc = tcg_global_mem_new_i32(TCG_AREG0,
                                    offsetof(CPUState, pc), "PC");
    cpu_sr = tcg_global_mem_new_i32(TCG_AREG0,
                                    offsetof(CPUState, sr), "SR");
    cpu_ssr = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, ssr), "SSR");
    cpu_spc = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, spc), "SPC");
    cpu_gbr = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, gbr), "GBR");
    cpu_vbr = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, vbr), "VBR");
    cpu_sgr = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, sgr), "SGR");
    cpu_dbr = tcg_global_mem_new_i32(TCG_AREG0,
                                     offsetof(CPUState, dbr), "DBR");
    cpu_mach = tcg_global_mem_new_i32(TCG_AREG0,
                                      offsetof(CPUState, mach), "MACH");
    cpu_macl = tcg_global_mem_new_i32(TCG_AREG0,
                                      offsetof(CPUState, macl), "MACL");
    cpu_pr = tcg_global_mem_new_i32(TCG_AREG0,
                                    offsetof(CPUState, pr), "PR");
    cpu_fpscr = tcg_global_mem_new_i32(TCG_AREG0,
                                       offsetof(CPUState, fpscr), "FPSCR");
    cpu_fpul = tcg_global_mem_new_i32(TCG_AREG0,
                                      offsetof(CPUState, fpul), "FPUL");

    cpu_flags = tcg_global_mem_new_i32(TCG_AREG0,
				       offsetof(CPUState, flags), "_flags_");
    cpu_delayed_pc = tcg_global_mem_new_i32(TCG_AREG0,
					    offsetof(CPUState, delayed_pc),
					    "_delayed_pc_");
    cpu_ldst = tcg_global_mem_new_i32(TCG_AREG0,
				      offsetof(CPUState, ldst), "_ldst_");

    for (i = 0; i < 32; i++)
        cpu_fregs[i] = tcg_global_mem_new_i32(TCG_AREG0,
                                              offsetof(CPUState, fregs[i]),
                                              fregnames[i]);

    /* register helpers */
#define GEN_HELPER 2
#include "helper.h"

    done_init = 1;
}

void cpu_dump_state(CPUState * env, FILE * f,
		    int (*cpu_fprintf) (FILE * f, const char *fmt, ...),
		    int flags)
{
    int i;
    cpu_fprintf(f, "pc=0x%08x sr=0x%08x pr=0x%08x fpscr=0x%08x\n",
		env->pc, env->sr, env->pr, env->fpscr);
    cpu_fprintf(f, "spc=0x%08x ssr=0x%08x gbr=0x%08x vbr=0x%08x\n",
		env->spc, env->ssr, env->gbr, env->vbr);
    cpu_fprintf(f, "sgr=0x%08x dbr=0x%08x delayed_pc=0x%08x fpul=0x%08x\n",
		env->sgr, env->dbr, env->delayed_pc, env->fpul);
    for (i = 0; i < 24; i += 4) {
	cpu_fprintf(f, "r%d=0x%08x r%d=0x%08x r%d=0x%08x r%d=0x%08x\n",
		    i, env->gregs[i], i + 1, env->gregs[i + 1],
		    i + 2, env->gregs[i + 2], i + 3, env->gregs[i + 3]);
    }
    if (env->flags & DELAY_SLOT) {
	cpu_fprintf(f, "in delay slot (delayed_pc=0x%08x)\n",
		    env->delayed_pc);
    } else if (env->flags & DELAY_SLOT_CONDITIONAL) {
	cpu_fprintf(f, "in conditional delay slot (delayed_pc=0x%08x)\n",
		    env->delayed_pc);
    }
}

void cpu_reset(CPUSH4State * env)
{
    if (qemu_loglevel_mask(CPU_LOG_RESET)) {
        qemu_log("CPU Reset (CPU %d)\n", env->cpu_index);
        log_cpu_state(env, 0);
    }

    memset(env, 0, offsetof(CPUSH4State, breakpoints));
    tlb_flush(env, 1);

    env->pc = 0xA0000000;
#if defined(CONFIG_USER_ONLY)
    env->fpscr = FPSCR_PR; /* value for userspace according to the kernel */
    set_float_rounding_mode(float_round_nearest_even, &env->fp_status); /* ?! */
#else
    env->sr = SR_MD | SR_RB | SR_BL | SR_I3 | SR_I2 | SR_I1 | SR_I0;
    env->fpscr = FPSCR_DN | FPSCR_RM_ZERO; /* CPU reset value according to SH4 manual */
    set_float_rounding_mode(float_round_to_zero, &env->fp_status);
    set_flush_to_zero(1, &env->fp_status);
#endif
    set_default_nan_mode(1, &env->fp_status);
}

typedef struct {
    const char *name;
    int id;
    uint32_t pvr;
    uint32_t prr;
    uint32_t cvr;
    uint32_t features;
} sh4_def_t;

static sh4_def_t sh4_defs[] = {
    {
	.name = "SH7750R",
	.id = SH_CPU_SH7750R,
	.pvr = 0x00050000,
	.prr = 0x00000100,
	.cvr = 0x00110000,
	.features = SH_FEATURE_BCR3_AND_BCR4,
    }, {
	.name = "SH7751R",
	.id = SH_CPU_SH7751R,
	.pvr = 0x04050005,
	.prr = 0x00000113,
	.cvr = 0x00110000,	/* Neutered caches, should be 0x20480000 */
	.features = SH_FEATURE_BCR3_AND_BCR4,
    }, {
	.name = "SH7785",
	.id = SH_CPU_SH7785,
	.pvr = 0x10300700,
	.prr = 0x00000200,
	.cvr = 0x71440211,
	.features = SH_FEATURE_SH4A,
     },
};

static const sh4_def_t *cpu_sh4_find_by_name(const char *name)
{
    int i;

    if (strcasecmp(name, "any") == 0)
	return &sh4_defs[0];

    for (i = 0; i < ARRAY_SIZE(sh4_defs); i++)
	if (strcasecmp(name, sh4_defs[i].name) == 0)
	    return &sh4_defs[i];

    return NULL;
}

void sh4_cpu_list(FILE *f, fprintf_function cpu_fprintf)
{
    int i;

    for (i = 0; i < ARRAY_SIZE(sh4_defs); i++)
	(*cpu_fprintf)(f, "%s\n", sh4_defs[i].name);
}

static void cpu_register(CPUSH4State *env, const sh4_def_t *def)
{
    env->pvr = def->pvr;
    env->prr = def->prr;
    env->cvr = def->cvr;
    env->id = def->id;
}

CPUSH4State *cpu_sh4_init(const char *cpu_model)
{
    CPUSH4State *env;
    const sh4_def_t *def;

    def = cpu_sh4_find_by_name(cpu_model);
    if (!def)
	return NULL;
    env = qemu_mallocz(sizeof(CPUSH4State));
    env->features = def->features;
    cpu_exec_init(env);
    env->movcal_backup_tail = &(env->movcal_backup);
    sh4_translate_init();
    env->cpu_model_str = cpu_model;
    cpu_reset(env);
    cpu_register(env, def);
    qemu_init_vcpu(env);
    return env;
}

static void gen_goto_tb(DisasContext * ctx, int n, target_ulong dest)
{
    TranslationBlock *tb;
    tb = ctx->tb;

    if ((tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK) &&
	!ctx->singlestep_enabled) {
	/* Use a direct jump if in same page and singlestep not enabled */
        tcg_gen_goto_tb(n);
        tcg_gen_movi_i32(cpu_pc, dest);
        tcg_gen_exit_tb((long) tb + n);
    } else {
        tcg_gen_movi_i32(cpu_pc, dest);
        if (ctx->singlestep_enabled)
            gen_helper_debug();
        tcg_gen_exit_tb(0);
    }
}

static void gen_jump(DisasContext * ctx)
{
    if (ctx->delayed_pc == (uint32_t) - 1) {
	/* Target is not statically known, it comes necessarily from a
	   delayed jump as immediate jump are conditinal jumps */
	tcg_gen_mov_i32(cpu_pc, cpu_delayed_pc);
	if (ctx->singlestep_enabled)
	    gen_helper_debug();
	tcg_gen_exit_tb(0);
    } else {
	gen_goto_tb(ctx, 0, ctx->delayed_pc);
    }
}

static inline void gen_branch_slot(uint32_t delayed_pc, int t)
{
    TCGv sr;
    int label = gen_new_label();
    tcg_gen_movi_i32(cpu_delayed_pc, delayed_pc);
    sr = tcg_temp_new();
    tcg_gen_andi_i32(sr, cpu_sr, SR_T);
    tcg_gen_brcondi_i32(t ? TCG_COND_EQ:TCG_COND_NE, sr, 0, label);
    tcg_gen_ori_i32(cpu_flags, cpu_flags, DELAY_SLOT_TRUE);
    gen_set_label(label);
}

/* Immediate conditional jump (bt or bf) */
static void gen_conditional_jump(DisasContext * ctx,
				 target_ulong ift, target_ulong ifnott)
{
    int l1;
    TCGv sr;

    l1 = gen_new_label();
    sr = tcg_temp_new();
    tcg_gen_andi_i32(sr, cpu_sr, SR_T);
    tcg_gen_brcondi_i32(TCG_COND_NE, sr, 0, l1);
    gen_goto_tb(ctx, 0, ifnott);
    gen_set_label(l1);
    gen_goto_tb(ctx, 1, ift);
}

/* Delayed conditional jump (bt or bf) */
static void gen_delayed_conditional_jump(DisasContext * ctx)
{
    int l1;
    TCGv ds;

    l1 = gen_new_label();
    ds = tcg_temp_new();
    tcg_gen_andi_i32(ds, cpu_flags, DELAY_SLOT_TRUE);
    tcg_gen_brcondi_i32(TCG_COND_NE, ds, 0, l1);
    gen_goto_tb(ctx, 1, ctx->pc + 2);
    gen_set_label(l1);
    tcg_gen_andi_i32(cpu_flags, cpu_flags, ~DELAY_SLOT_TRUE);
    gen_jump(ctx);
}

static inline void gen_set_t(void)
{
    tcg_gen_ori_i32(cpu_sr, cpu_sr, SR_T);
}

static inline void gen_clr_t(void)
{
    tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_T);
}

static inline void gen_cmp(int cond, TCGv t0, TCGv t1)
{
    TCGv t;

    t = tcg_temp_new();
    tcg_gen_setcond_i32(cond, t, t1, t0);
    tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_T);
    tcg_gen_or_i32(cpu_sr, cpu_sr, t);

    tcg_temp_free(t);
}

static inline void gen_cmp_imm(int cond, TCGv t0, int32_t imm)
{
    TCGv t;

    t = tcg_temp_new();
    tcg_gen_setcondi_i32(cond, t, t0, imm);
    tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_T);
    tcg_gen_or_i32(cpu_sr, cpu_sr, t);

    tcg_temp_free(t);
}

static inline void gen_store_flags(uint32_t flags)
{
    tcg_gen_andi_i32(cpu_flags, cpu_flags, DELAY_SLOT_TRUE);
    tcg_gen_ori_i32(cpu_flags, cpu_flags, flags);
}

static inline void gen_copy_bit_i32(TCGv t0, int p0, TCGv t1, int p1)
{
    TCGv tmp = tcg_temp_new();

    p0 &= 0x1f;
    p1 &= 0x1f;

    tcg_gen_andi_i32(tmp, t1, (1 << p1));
    tcg_gen_andi_i32(t0, t0, ~(1 << p0));
    if (p0 < p1)
        tcg_gen_shri_i32(tmp, tmp, p1 - p0);
    else if (p0 > p1)
        tcg_gen_shli_i32(tmp, tmp, p0 - p1);
    tcg_gen_or_i32(t0, t0, tmp);

    tcg_temp_free(tmp);
}

static inline void gen_load_fpr64(TCGv_i64 t, int reg)
{
    tcg_gen_concat_i32_i64(t, cpu_fregs[reg + 1], cpu_fregs[reg]);
}

static inline void gen_store_fpr64 (TCGv_i64 t, int reg)
{
    TCGv_i32 tmp = tcg_temp_new_i32();
    tcg_gen_trunc_i64_i32(tmp, t);
    tcg_gen_mov_i32(cpu_fregs[reg + 1], tmp);
    tcg_gen_shri_i64(t, t, 32);
    tcg_gen_trunc_i64_i32(tmp, t);
    tcg_gen_mov_i32(cpu_fregs[reg], tmp);
    tcg_temp_free_i32(tmp);
}

#define B3_0 (ctx->opcode & 0xf)
#define B6_4 ((ctx->opcode >> 4) & 0x7)
#define B7_4 ((ctx->opcode >> 4) & 0xf)
#define B7_0 (ctx->opcode & 0xff)
#define B7_0s ((int32_t) (int8_t) (ctx->opcode & 0xff))
#define B11_0s (ctx->opcode & 0x800 ? 0xfffff000 | (ctx->opcode & 0xfff) : \
  (ctx->opcode & 0xfff))
#define B11_8 ((ctx->opcode >> 8) & 0xf)
#define B15_12 ((ctx->opcode >> 12) & 0xf)

#define REG(x) ((x) < 8 && (ctx->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB) ? \
		(cpu_gregs[x + 16]) : (cpu_gregs[x]))

#define ALTREG(x) ((x) < 8 && (ctx->sr & (SR_MD | SR_RB)) != (SR_MD | SR_RB) \
		? (cpu_gregs[x + 16]) : (cpu_gregs[x]))

#define FREG(x) (ctx->fpscr & FPSCR_FR ? (x) ^ 0x10 : (x))
#define XHACK(x) ((((x) & 1 ) << 4) | ((x) & 0xe))
#define XREG(x) (ctx->fpscr & FPSCR_FR ? XHACK(x) ^ 0x10 : XHACK(x))
#define DREG(x) FREG(x) /* Assumes lsb of (x) is always 0 */

#define CHECK_NOT_DELAY_SLOT \
  if (ctx->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL))     \
  {                                                           \
      gen_helper_raise_slot_illegal_instruction();            \
      ctx->bstate = BS_EXCP;                                  \
      return;                                                 \
  }

#define CHECK_PRIVILEGED                                        \
  if (IS_USER(ctx)) {                                           \
      if (ctx->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { \
         gen_helper_raise_slot_illegal_instruction();           \
      } else {                                                  \
         gen_helper_raise_illegal_instruction();                \
      }                                                         \
      ctx->bstate = BS_EXCP;                                    \
      return;                                                   \
  }

#define CHECK_FPU_ENABLED                                       \
  if (ctx->flags & SR_FD) {                                     \
      if (ctx->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { \
          gen_helper_raise_slot_fpu_disable();                  \
      } else {                                                  \
          gen_helper_raise_fpu_disable();                       \
      }                                                         \
      ctx->bstate = BS_EXCP;                                    \
      return;                                                   \
  }

static void _decode_opc(DisasContext * ctx)
{
    /* This code tries to make movcal emulation sufficiently
       accurate for Linux purposes.  This instruction writes
       memory, and prior to that, always allocates a cache line.
       It is used in two contexts:
       - in memcpy, where data is copied in blocks, the first write
       of to a block uses movca.l for performance.
       - in arch/sh/mm/cache-sh4.c, movcal.l + ocbi combination is used
       to flush the cache. Here, the data written by movcal.l is never
       written to memory, and the data written is just bogus.

       To simulate this, we simulate movcal.l, we store the value to memory,
       but we also remember the previous content. If we see ocbi, we check
       if movcal.l for that address was done previously. If so, the write should
       not have hit the memory, so we restore the previous content.
       When we see an instruction that is neither movca.l
       nor ocbi, the previous content is discarded.

       To optimize, we only try to flush stores when we're at the start of
       TB, or if we already saw movca.l in this TB and did not flush stores
       yet.  */
    if (ctx->has_movcal)
	{
	  int opcode = ctx->opcode & 0xf0ff;
	  if (opcode != 0x0093 /* ocbi */
	      && opcode != 0x00c3 /* movca.l */)
	      {
		  gen_helper_discard_movcal_backup ();
		  ctx->has_movcal = 0;
	      }
	}

#if 0
    fprintf(stderr, "Translating opcode 0x%04x\n", ctx->opcode);
#endif

    switch (ctx->opcode) {
    case 0x0019:		/* div0u */
	tcg_gen_andi_i32(cpu_sr, cpu_sr, ~(SR_M | SR_Q | SR_T));
	return;
    case 0x000b:		/* rts */
	CHECK_NOT_DELAY_SLOT
	tcg_gen_mov_i32(cpu_delayed_pc, cpu_pr);
	ctx->flags |= DELAY_SLOT;
	ctx->delayed_pc = (uint32_t) - 1;
	return;
    case 0x0028:		/* clrmac */
	tcg_gen_movi_i32(cpu_mach, 0);
	tcg_gen_movi_i32(cpu_macl, 0);
	return;
    case 0x0048:		/* clrs */
	tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_S);
	return;
    case 0x0008:		/* clrt */
	gen_clr_t();
	return;
    case 0x0038:		/* ldtlb */
	CHECK_PRIVILEGED
	gen_helper_ldtlb();
	return;
    case 0x002b:		/* rte */
	CHECK_PRIVILEGED
	CHECK_NOT_DELAY_SLOT
	tcg_gen_mov_i32(cpu_sr, cpu_ssr);
	tcg_gen_mov_i32(cpu_delayed_pc, cpu_spc);
	ctx->flags |= DELAY_SLOT;
	ctx->delayed_pc = (uint32_t) - 1;
	return;
    case 0x0058:		/* sets */
	tcg_gen_ori_i32(cpu_sr, cpu_sr, SR_S);
	return;
    case 0x0018:		/* sett */
	gen_set_t();
	return;
    case 0xfbfd:		/* frchg */
	tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_FR);
	ctx->bstate = BS_STOP;
	return;
    case 0xf3fd:		/* fschg */
	tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_SZ);
	ctx->bstate = BS_STOP;
	return;
    case 0x0009:		/* nop */
	return;
    case 0x001b:		/* sleep */
	CHECK_PRIVILEGED
	gen_helper_sleep(tcg_const_i32(ctx->pc + 2));
	return;
    }

    switch (ctx->opcode & 0xf000) {
    case 0x1000:		/* mov.l Rm,@(disp,Rn) */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_addi_i32(addr, REG(B11_8), B3_0 * 4);
	    tcg_gen_qemu_st32(REG(B7_4), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x5000:		/* mov.l @(disp,Rm),Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 4);
	    tcg_gen_qemu_ld32s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0xe000:		/* mov #imm,Rn */
	tcg_gen_movi_i32(REG(B11_8), B7_0s);
	return;
    case 0x9000:		/* mov.w @(disp,PC),Rn */
	{
	    TCGv addr = tcg_const_i32(ctx->pc + 4 + B7_0 * 2);
	    tcg_gen_qemu_ld16s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0xd000:		/* mov.l @(disp,PC),Rn */
	{
	    TCGv addr = tcg_const_i32((ctx->pc + 4 + B7_0 * 4) & ~3);
	    tcg_gen_qemu_ld32s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x7000:		/* add #imm,Rn */
	tcg_gen_addi_i32(REG(B11_8), REG(B11_8), B7_0s);
	return;
    case 0xa000:		/* bra disp */
	CHECK_NOT_DELAY_SLOT
	ctx->delayed_pc = ctx->pc + 4 + B11_0s * 2;
	tcg_gen_movi_i32(cpu_delayed_pc, ctx->delayed_pc);
	ctx->flags |= DELAY_SLOT;
	return;
    case 0xb000:		/* bsr disp */
	CHECK_NOT_DELAY_SLOT
	tcg_gen_movi_i32(cpu_pr, ctx->pc + 4);
	ctx->delayed_pc = ctx->pc + 4 + B11_0s * 2;
	tcg_gen_movi_i32(cpu_delayed_pc, ctx->delayed_pc);
	ctx->flags |= DELAY_SLOT;
	return;
    }

    switch (ctx->opcode & 0xf00f) {
    case 0x6003:		/* mov Rm,Rn */
	tcg_gen_mov_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x2000:		/* mov.b Rm,@Rn */
	tcg_gen_qemu_st8(REG(B7_4), REG(B11_8), ctx->memidx);
	return;
    case 0x2001:		/* mov.w Rm,@Rn */
	tcg_gen_qemu_st16(REG(B7_4), REG(B11_8), ctx->memidx);
	return;
    case 0x2002:		/* mov.l Rm,@Rn */
	tcg_gen_qemu_st32(REG(B7_4), REG(B11_8), ctx->memidx);
	return;
    case 0x6000:		/* mov.b @Rm,Rn */
	tcg_gen_qemu_ld8s(REG(B11_8), REG(B7_4), ctx->memidx);
	return;
    case 0x6001:		/* mov.w @Rm,Rn */
	tcg_gen_qemu_ld16s(REG(B11_8), REG(B7_4), ctx->memidx);
	return;
    case 0x6002:		/* mov.l @Rm,Rn */
	tcg_gen_qemu_ld32s(REG(B11_8), REG(B7_4), ctx->memidx);
	return;
    case 0x2004:		/* mov.b Rm,@-Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_subi_i32(addr, REG(B11_8), 1);
	    tcg_gen_qemu_st8(REG(B7_4), addr, ctx->memidx);	/* might cause re-execution */
	    tcg_gen_mov_i32(REG(B11_8), addr);			/* modify register status */
	    tcg_temp_free(addr);
	}
	return;
    case 0x2005:		/* mov.w Rm,@-Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_subi_i32(addr, REG(B11_8), 2);
	    tcg_gen_qemu_st16(REG(B7_4), addr, ctx->memidx);
	    tcg_gen_mov_i32(REG(B11_8), addr);
	    tcg_temp_free(addr);
	}
	return;
    case 0x2006:		/* mov.l Rm,@-Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_subi_i32(addr, REG(B11_8), 4);
	    tcg_gen_qemu_st32(REG(B7_4), addr, ctx->memidx);
	    tcg_gen_mov_i32(REG(B11_8), addr);
	}
	return;
    case 0x6004:		/* mov.b @Rm+,Rn */
	tcg_gen_qemu_ld8s(REG(B11_8), REG(B7_4), ctx->memidx);
	if ( B11_8 != B7_4 )
		tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 1);
	return;
    case 0x6005:		/* mov.w @Rm+,Rn */
	tcg_gen_qemu_ld16s(REG(B11_8), REG(B7_4), ctx->memidx);
	if ( B11_8 != B7_4 )
		tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2);
	return;
    case 0x6006:		/* mov.l @Rm+,Rn */
	tcg_gen_qemu_ld32s(REG(B11_8), REG(B7_4), ctx->memidx);
	if ( B11_8 != B7_4 )
		tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4);
	return;
    case 0x0004:		/* mov.b Rm,@(R0,Rn) */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B11_8), REG(0));
	    tcg_gen_qemu_st8(REG(B7_4), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x0005:		/* mov.w Rm,@(R0,Rn) */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B11_8), REG(0));
	    tcg_gen_qemu_st16(REG(B7_4), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x0006:		/* mov.l Rm,@(R0,Rn) */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B11_8), REG(0));
	    tcg_gen_qemu_st32(REG(B7_4), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x000c:		/* mov.b @(R0,Rm),Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B7_4), REG(0));
	    tcg_gen_qemu_ld8s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x000d:		/* mov.w @(R0,Rm),Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B7_4), REG(0));
	    tcg_gen_qemu_ld16s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x000e:		/* mov.l @(R0,Rm),Rn */
	{
	    TCGv addr = tcg_temp_new();
	    tcg_gen_add_i32(addr, REG(B7_4), REG(0));
	    tcg_gen_qemu_ld32s(REG(B11_8), addr, ctx->memidx);
	    tcg_temp_free(addr);
	}
	return;
    case 0x6008:		/* swap.b Rm,Rn */
	{
	    TCGv high, low;
	    high = tcg_temp_new();
	    tcg_gen_andi_i32(high, REG(B7_4), 0xffff0000);
	    low = tcg_temp_new();
	    tcg_gen_ext16u_i32(low, REG(B7_4));
	    tcg_gen_bswap16_i32(low, low);
	    tcg_gen_or_i32(REG(B11_8), high, low);
	    tcg_temp_free(low);
	    tcg_temp_free(high);
	}
	return;
    case 0x6009:		/* swap.w Rm,Rn */
	{
	    TCGv high, low;
	    high = tcg_temp_new();
	    tcg_gen_shli_i32(high, REG(B7_4), 16);
	    low = tcg_temp_new();
	    tcg_gen_shri_i32(low, REG(B7_4), 16);
	    tcg_gen_ext16u_i32(low, low);
	    tcg_gen_or_i32(REG(B11_8), high, low);
	    tcg_temp_free(low);
	    tcg_temp_free(high);
	}
	return;
    case 0x200d:		/* xtrct Rm,Rn */
	{
	    TCGv high, low;
	    high = tcg_temp_new();
	    tcg_gen_shli_i32(high, REG(B7_4), 16);
	    low = tcg_temp_new();
	    tcg_gen_shri_i32(low, REG(B11_8), 16);
	    tcg_gen_ext16u_i32(low, low);
	    tcg_gen_or_i32(REG(B11_8), high, low);
	    tcg_temp_free(low);
	    tcg_temp_free(high);
	}
	return;
    case 0x300c:		/* add Rm,Rn */
	tcg_gen_add_i32(REG(B11_8), REG(B11_8), REG(B7_4));
	return;
    case 0x300e:		/* addc Rm,Rn */
	gen_helper_addc(REG(B11_8), REG(B7_4), REG(B11_8));
	return;
    case 0x300f:		/* addv Rm,Rn */
	gen_helper_addv(REG(B11_8), REG(B7_4), REG(B11_8));
	return;
    case 0x2009:		/* and Rm,Rn */
	tcg_gen_and_i32(REG(B11_8), REG(B11_8), REG(B7_4));
	return;
    case 0x3000:		/* cmp/eq Rm,Rn */
	gen_cmp(TCG_COND_EQ, REG(B7_4), REG(B11_8));
	return;
    case 0x3003:		/* cmp/ge Rm,Rn */
	gen_cmp(TCG_COND_GE, REG(B7_4), REG(B11_8));
	return;
    case 0x3007:		/* cmp/gt Rm,Rn */
	gen_cmp(TCG_COND_GT, REG(B7_4), REG(B11_8));
	return;
    case 0x3006:		/* cmp/hi Rm,Rn */
	gen_cmp(TCG_COND_GTU, REG(B7_4), REG(B11_8));
	return;
    case 0x3002:		/* cmp/hs Rm,Rn */
	gen_cmp(TCG_COND_GEU, REG(B7_4), REG(B11_8));
	return;
    case 0x200c:		/* cmp/str Rm,Rn */
	{
	    TCGv cmp1 = tcg_temp_new();
	    TCGv cmp2 = tcg_temp_new();
	    tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_T);
	    tcg_gen_xor_i32(cmp1, REG(B7_4), REG(B11_8));
	    tcg_gen_andi_i32(cmp2, cmp1, 0xff000000);
	    tcg_gen_setcondi_i32(TCG_COND_EQ, cmp2, cmp2, 0);
	    tcg_gen_or_i32(cpu_sr, cpu_sr, cmp2);
	    tcg_gen_andi_i32(cmp2, cmp1, 0x00ff0000);
	    tcg_gen_setcondi_i32(TCG_COND_EQ, cmp2, cmp2, 0);
	    tcg_gen_or_i32(cpu_sr, cpu_sr, cmp2);
	    tcg_gen_andi_i32(cmp2, cmp1, 0x0000ff00);
	    tcg_gen_setcondi_i32(TCG_COND_EQ, cmp2, cmp2, 0);
	    tcg_gen_or_i32(cpu_sr, cpu_sr, cmp2);
	    tcg_gen_andi_i32(cmp2, cmp1, 0x000000ff);
	    tcg_gen_setcondi_i32(TCG_COND_EQ, cmp2, cmp2, 0);
	    tcg_gen_or_i32(cpu_sr, cpu_sr, cmp2);
	    tcg_temp_free(cmp2);
	    tcg_temp_free(cmp1);
	}
	return;
    case 0x2007:		/* div0s Rm,Rn */
	{
	    gen_copy_bit_i32(cpu_sr, 8, REG(B11_8), 31);	/* SR_Q */
	    gen_copy_bit_i32(cpu_sr, 9, REG(B7_4), 31);		/* SR_M */
	    TCGv val = tcg_temp_new();
	    tcg_gen_xor_i32(val, REG(B7_4), REG(B11_8));
	    gen_copy_bit_i32(cpu_sr, 0, val, 31);		/* SR_T */
	    tcg_temp_free(val);
	}
	return;
    case 0x3004:		/* div1 Rm,Rn */
	gen_helper_div1(REG(B11_8), REG(B7_4), REG(B11_8));
	return;
    case 0x300d:		/* dmuls.l Rm,Rn */
	{
	    TCGv_i64 tmp1 = tcg_temp_new_i64();
	    TCGv_i64 tmp2 = tcg_temp_new_i64();

	    tcg_gen_ext_i32_i64(tmp1, REG(B7_4));
	    tcg_gen_ext_i32_i64(tmp2, REG(B11_8));
	    tcg_gen_mul_i64(tmp1, tmp1, tmp2);
	    tcg_gen_trunc_i64_i32(cpu_macl, tmp1);
	    tcg_gen_shri_i64(tmp1, tmp1, 32);
	    tcg_gen_trunc_i64_i32(cpu_mach, tmp1);

	    tcg_temp_free_i64(tmp2);
	    tcg_temp_free_i64(tmp1);
	}
	return;
    case 0x3005:		/* dmulu.l Rm,Rn */
	{
	    TCGv_i64 tmp1 = tcg_temp_new_i64();
	    TCGv_i64 tmp2 = tcg_temp_new_i64();

	    tcg_gen_extu_i32_i64(tmp1, REG(B7_4));
	    tcg_gen_extu_i32_i64(tmp2, REG(B11_8));
	    tcg_gen_mul_i64(tmp1, tmp1, tmp2);
	    tcg_gen_trunc_i64_i32(cpu_macl, tmp1);
	    tcg_gen_shri_i64(tmp1, tmp1, 32);
	    tcg_gen_trunc_i64_i32(cpu_mach, tmp1);

	    tcg_temp_free_i64(tmp2);
	    tcg_temp_free_i64(tmp1);
	}
	return;
    case 0x600e:		/* exts.b Rm,Rn */
	tcg_gen_ext8s_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x600f:		/* exts.w Rm,Rn */
	tcg_gen_ext16s_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x600c:		/* extu.b Rm,Rn */
	tcg_gen_ext8u_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x600d:		/* extu.w Rm,Rn */
	tcg_gen_ext16u_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x000f:		/* mac.l @Rm+,@Rn+ */
	{
	    TCGv arg0, arg1;
	    arg0 = tcg_temp_new();
	    tcg_gen_qemu_ld32s(arg0, REG(B7_4), ctx->memidx);
	    arg1 = tcg_temp_new();
	    tcg_gen_qemu_ld32s(arg1, REG(B11_8), ctx->memidx);
	    gen_helper_macl(arg0, arg1);
	    tcg_temp_free(arg1);
	    tcg_temp_free(arg0);
	    tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4);
	    tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4);
	}
	return;
    case 0x400f:		/* mac.w @Rm+,@Rn+ */
	{
	    TCGv arg0, arg1;
	    arg0 = tcg_temp_new();
	    tcg_gen_qemu_ld32s(arg0, REG(B7_4), ctx->memidx);
	    arg1 = tcg_temp_new();
	    tcg_gen_qemu_ld32s(arg1, REG(B11_8), ctx->memidx);
	    gen_helper_macw(arg0, arg1);
	    tcg_temp_free(arg1);
	    tcg_temp_free(arg0);
	    tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 2);
	    tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2);
	}
	return;
    case 0x0007:		/* mul.l Rm,Rn */
	tcg_gen_mul_i32(cpu_macl, REG(B7_4), REG(B11_8));
	return;
    case 0x200f:		/* muls.w Rm,Rn */
	{
	    TCGv arg0, arg1;
	    arg0 = tcg_temp_new();
	    tcg_gen_ext16s_i32(arg0, REG(B7_4));
	    arg1 = tcg_temp_new();
	    tcg_gen_ext16s_i32(arg1, REG(B11_8));
	    tcg_gen_mul_i32(cpu_macl, arg0, arg1);
	    tcg_temp_free(arg1);
	    tcg_temp_free(arg0);
	}
	return;
    case 0x200e:		/* mulu.w Rm,Rn */
	{
	    TCGv arg0, arg1;
	    arg0 = tcg_temp_new();
	    tcg_gen_ext16u_i32(arg0, REG(B7_4));
	    arg1 = tcg_temp_new();
	    tcg_gen_ext16u_i32(arg1, REG(B11_8));
	    tcg_gen_mul_i32(cpu_macl, arg0, arg1);
	    tcg_temp_free(arg1);
	    tcg_temp_free(arg0);
	}
	return;
    case 0x600b:		/* neg Rm,Rn */
	tcg_gen_neg_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x600a:		/* negc Rm,Rn */
        {
	    TCGv t0, t1;
            t0 = tcg_temp_new();
            tcg_gen_neg_i32(t0, REG(B7_4));
            t1 = tcg_temp_new();
            tcg_gen_andi_i32(t1, cpu_sr, SR_T);
            tcg_gen_sub_i32(REG(B11_8), t0, t1);
            tcg_gen_andi_i32(cpu_sr, cpu_sr, ~SR_T);
            tcg_gen_setcondi_i32(TCG_COND_GTU, t1, t0, 0);
            tcg_gen_or_i32(cpu_sr, cpu_sr, t1);
            tcg_gen_setcond_i32(TCG_COND_GTU, t1, REG(B11_8), t0);
            tcg_gen_or_i32(cpu_sr, cpu_sr, t1);
            tcg_temp_free(t0);
            tcg_temp_free(t1);
        }
	return;
    case 0x6007:		/* not Rm,Rn */
	tcg_gen_not_i32(REG(B11_8), REG(B7_4));
	return;
    case 0x200b:		/* or Rm,Rn */
	tcg_gen_or_i32(REG(B11_8), REG(B11_8), REG(B7_4));
	return;
    case 0x400c:		/* shad Rm,Rn */
	{
	    int label1 = gen_new_label();
	    int label2 = gen_new_label();
	    int label3 = gen_new_label();
	    int label4 = gen_new_label();
	    TCGv shift;
	    tcg_gen_brcondi_i32(TCG_COND_LT, REG(B7_4), 0, label1);
	    /* Rm positive, shift to the left */
            shift = tcg_temp_new();
	    tcg_gen_andi_i32(shift, REG(B7_4), 0x1f);
	    tcg_gen_shl_i32(REG(B11_8), REG(B11_8), shift);
	    tcg_temp_free(shift);
	    tcg_gen_br(label4);
	    /* Rm negative, shift to the right */
	    gen_set_label(label1);
            shift = tcg_temp_new();
	    tcg_gen_andi_i32(shift, REG(B7_4), 0x1f);
	    tcg_gen_brcondi_i32(TCG_COND_EQ, shift, 0, label2);
	    tcg_gen_not_i32(shift, REG(B7_4));
	    tcg_gen_andi_i32(shift, shift, 0x1f);
	    tcg_gen_addi_i32(shift, shift, 1);
	    tcg_gen_sar_i32(REG(B11_8), REG(B11_8), shift);